<?php
//print_r($_POST);
  ##################################################
  session_start();
  mysql_connect('localhost','root','') or die(mysql_error());
  mysql_select_db('nb158d')or die(mysql_error());
  ###################################################
  if(isset($_SESSION['id'])){
    header('location:mydetails.php');
  }


if(isset($_POST['email']) && isset($_POST['password'])) {
  /////////// Login Query ////////////////////
#$email = mysql_real_escape_string(trim($_POST['email']));
  $email = (trim($_POST['email']));
#$password =  mysql_real_escape_string(trim($_POST['password']));
$password = (trim($_POST['password']));

 $query = "SELECT * FROM `login_check` WHERE `email`='$email' AND `password`=md5('$password') AND `status`='1'";
//echo $query;exit;
  $result = mysql_query($query);
  if(mysql_num_rows($result) == 1) {
    $userDetails = mysql_fetch_assoc($result);
    //print_r($userDetails);
    $_SESSION['email'] = $userDetails['email'];
    $_SESSION['id'] = $userDetails['id'];
    $_SESSION['register_date'] = $userDetails['register_date'];
    header('location:mydetails.php');

  } else {
    echo "<h4>Invalid login...</h4>";
  }
}//end if
?>
<form action="" method="post">
  <table width="50%" align="center" border="1" cellspacing="0" cellpadding="10">
    <thead>
      <tr>
        <th colspan="2">LOGIN HERE</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>Email :</td>
        <td><input style="width:300px;" type="text" name="email" required></td>
      </tr>
      <tr>
        <td>Password :</td>
        <td><input style="width:300px;" type="password" name="password" required></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td><input type="submit" value="Login..." name="login"/></td>
      </tr>
    </tbody>
  </table>
</form>

<p>
  Email : admin@example.com <br>
  Email : admin@example.com' OR '1'='1<br>
  Password : admin
<p>
